Hari Prasad Koguru

Bangalore

Summary

Dynamic security professional with extensive experience at Accorian, excelling in enterprise risk assessment and compliance audits. Proven track record in achieving ISO 27001 certification, SOC 2 reports and enhancing GRC management. Skilled in vendor due diligence and leading teams, fostering collaboration to drive impactful risk mitigation strategies.

Overview

4 years of professional experience
1 Certification

Work History

Team Lead and Senior Security Consultant

Accorian
Bangalore
10.2024 - Current
  • Lead end-to-end gap assessments for frameworks, including SOC 2 and ISO 27001.
  • I have demonstrated proficiency in team management, overseeing teams comprising three members.
  • Manage the delivery of end-to-end projects to define timelines and Integrated Management System standards.
  • Managed third-party risk assessments and vendor due diligence.
  • Delivered audit reports and presented key findings to senior management and audit committees, facilitating timely remediation plans.
  • Manage and review organization-wide risk register and policy exceptions, ensuring alignment with ISO 31000 and internal governance policies for various clients for whom I act as vCISO. Drive periodic re-assessment of accepted risks; support stakeholder discussions on remediation plans.
  • Lead client-facing security conversations, respond to customer questionnaires, and manage in-person trust-building sessions.
  • Provided support in enhancing the in-house GRC product by aligning it with compliance frameworks and developing cross-framework mapping.

Security Consultant

Accorian
Bangalore
01.2023 - 09.2024
  • Responsible for the complete end-to-end implementation of standards like ISO 27001:2022, SOC 2 Type 1, and Type 2.
  • Conducted SOC 2 audits for various clients and drafted SOC 2 Type 1 and Type 2 reports. Audited and drafted SOC 2 Type 2 for more than 20 clients.
  • Understanding the organization's requirements, planning and designing governance structures, policies, procedures, other documentation, and selecting technology products or services, as well as conducting audits.
  • Led internal audits to ensure the effectiveness of the ISMS and compliance with ISO 27001 standards, documenting findings and corrective actions.
  • Provided support during external audits, ensuring audit readiness by maintaining comprehensive evidence logs and assisting auditors with required documentation.
  • Achieved ISO 27001 certification for clients with no major non-conformities.

Risk Assessment and Management

  • Conducted periodic risk assessments for various industries, including insurance providers, healthcare, and banking, identifying critical threats, vulnerabilities, and business impacts.
  • Developed comprehensive risk registers, performed risk analysis using ISO 31000 principles, and prioritized risks based on likelihood and impact.
  • Designed actionable Risk Treatment Plans by recommending and tracking mitigation measures to reduce risk by 35-50%.
  • Collaborated with stakeholders to reassess residual risks post-treatment and maintain risk registers aligned with ISO 27001:2022 standards.

Security Privacy and Compliance Analyst

Accorian
Bangalore
01.2022 - 12.2022
  • I have assisted in the implementation of ISO 27001:2013 for the client.
  • I have been part of internal and external audits, and I helped clients achieve successful ISO 27001:2013 certificates.
  • I have conducted comprehensive risk assessments across multiple departments.
  • Drafting and implementing information security policies and procedures to meet the standard requirements suited to the organization's needs.
  • Conducting risk assessments, information security audits, vendor audits, and third-party risk assessments.
  • Validated evidence was submitted for ISO/IEC 27001:2013 compliance as part of sustenance activities, ensuring adherence to standard requirements.

Education

Bachelor of Science - Electronics And Communications Engineering

Madanapalli Institute of Technology And Sciences
Madanapalli, Andhra Pradesh.
05-2017

Skills

  • Enterprise Risk assessment (ISO 31000)
  • Compliance audits
  • Vendor due diligence
  • ISO 27001
  • TPRM
  • ISO 42001
  • Internal Audit
  • External Audit
  • SOC 2
  • SOC 2 Reports
  • Gap assessments (ISO 27001 and SOC 2)
  • GRC Management
  • ISMS

Certification

  • ISO 27001:2022 lead auditor
  • ISO 42001:2023 lead implementer
  • Certified Ethical Hacker (CEH)
  • AWS Cloud Practitioner Essentials
